WO2000011583A2 - Authority profiles in a hierarchical computerized information system - Google Patents

Authority profiles in a hierarchical computerized information system Download PDF

Info

Publication number
WO2000011583A2
WO2000011583A2 PCT/SE1999/001431 SE9901431W WO0011583A2 WO 2000011583 A2 WO2000011583 A2 WO 2000011583A2 SE 9901431 W SE9901431 W SE 9901431W WO 0011583 A2 WO0011583 A2 WO 0011583A2
Authority
WO
WIPO (PCT)
Prior art keywords
user
information system
parameter
document
authority
Prior art date
Application number
PCT/SE1999/001431
Other languages
French (fr)
Other versions
WO2000011583A3 (en
Inventor
Jonas Hansson
Johan Rask
Magnus Bodin
Original Assignee
Netch Technologies Ab
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Netch Technologies Ab filed Critical Netch Technologies Ab
Priority to AU57682/99A priority Critical patent/AU5768299A/en
Publication of WO2000011583A2 publication Critical patent/WO2000011583A2/en
Publication of WO2000011583A3 publication Critical patent/WO2000011583A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems

Definitions

  • the present invention relates to a computerized information system, comprising at least one server and a plurality of workstations operatively connected to said server, the server being arranged to provide access for users of said workstations to digital data entities stored in a storage device .
  • Computerized information systems as set out above are commonly used for distributing and sharing information among a plurality of persons belonging to e.g. a business organization.
  • At least one server computer is connected to a database for storing a large quantity of information, and the users are provided access to the information from workstation computers operatively connected to the server com- puter by a local area network (LAN) and/or a wide area network (WAN) .
  • the information system may be e.g. an electronic mail system, an in-house intranet-based information system, etc.
  • the information system with means for maintaining an authority profile assigned to each user, said authority profile comprising an access level parameter and at least one of a geographical location parameter, an organizational position parameter, a product type parameter, a business unit para- meter or a personal competence parameter, and said authority profile relating the user to a node in a hierarchical structure; means for controlling each user's accessibility to said digital data entities in dependence of said author- ity profile; and means for allowing a user, the authority profile of which comprises a designation of said user as administrator of a particular node, to dynamically modify, create or delete authority profiles for users related to nodes in the hierarchical structure subordinate or identi- cal to said particular node.
  • Fig. 1 is a general schematic diagram of the architecture of the information system
  • Figs. 2 - 13 are computer monitor printouts illustrating some major functions of the information system and Fig. 14 is a schematic block diagram of a hierarchical authority profile structure.
  • Fig. 1 illustrates the computerized information sys- tern according to the preferred embodiment of the invention.
  • the information system comprises a server computer 100, which will simply be referred to as "server” in the forthcoming.
  • the server 100 is provided with a Microsoft * NT operating system and a Microsoft * SQL Server software pack- age.
  • the server 100 is arranged to operate as a "web server” to provide web-based information services to a plurality of workstation computers 201-203, which are operatively connected, according to the TCP/IP protocol, to the server 100 in an "extranet" structure.
  • the workstation computers 201-203 (referred to as
  • workstations are personal computers, such as desktop computers, laptop computers or hand-held computers, which run any conventional operating system, such as Windows * 95, Windows * 98, Windows * 3.x, Apple * System x, UNIX * or Windows * NT. Additionally, the workstations 201- 203 are provided with a web browser software, such as Netscape * Navigator or Microsoft * Internet Explorer. However, the server 100 and the workstations 201-203 may be computers of any other kind than the ones mentioned above, which fulfill the functionality specifications below.
  • the way in which the workstations 201-203 are connected to the server 100 may be any known local area network (LAN) or wide area network (WAN) technology.
  • LAN local area network
  • WAN wide area network
  • the server 100 is provided with a plurality of soft- ware program modules 300 in the form of CGI -programs
  • the purpose of the program modules 300 is to realize the information services func- tionality of the inventive information system by producing dynamic HTML ("Hypertext Markup Language") pages to be presented .by the web browsers on the workstations 201-203.
  • the information system comprises an authority profile database 310 and an access control module 320, the purpose of which will appear from the following.
  • the information system is also provided with a main database 400 for storing a plurality of digital data entities, such as digital documents, representing information contained in the information system.
  • the information system comprises a firewall 600 and a replicated database 700.
  • the authority profile database 310 and the access control module 320 form the basis of the information system and enable a distributed and growing organization to overcome the problems described above.
  • the system is arranged to operate according to the principle that all information is locally known and should be managed locally rather than having a single central administrator, which would have to keep track of all members of the organization as well as their responsibilities and job tasks.
  • a decentralized administration tool in the form of an administration module 330, all parts of the organization may build an authority structure in the form of a set of authority profile records in the authority profile database 310.
  • the administration module 330 will be further described below with reference to figs. 8-10.
  • Each user is assigned an authority profile, which comprises an access level parameter and at least one of a geographical location parameter, an organizational position parameter, a product type parameter, a business unit parameter or a personal competence parameter.
  • authority profiles are used by the access control module 320 for de- ciding whether and to what degree an individual user should have access to a particular piece of information in the form of a digital data entity 401-406 stored in the database 400.
  • the authority profile database 310, the access con- trol module 320 and the administration module 330 give any part of the organization an opportunity to build hierarchical tree structures and send lists, where the accessibility for all individual users belonging to that part of the organization to a particular digital data entity 401-406 is carefully controlled by the authority profile record assigned to the individual user.
  • the authority profiles of all users are related to a respective node 501-509 in a hierarchical structure 500, which is schematically illustrated in fig. 14. All users of a particular node have the same access level, as indicated in fig. 14.
  • the access control module 320 is arranged to check whether a particular digital data entity 401-406 should be immediately available, once published by e.g. a user 510 belonging to e.g. a node 504, to all users belonging to the subtree originating from the node 504, (i.e., users 511-512 as well as nodes 506-509 with their respective users) , or whether a subordinate node in the subtree must authorize the publication of the particular digital data entity 401-406, before it is published further to respective subordinate nodes in the subtree structure.
  • the information system comprises a personal workarea module 350, which is arranged to provide each user with an interactive and automatic "to-do list".
  • This workarea is presented to the user, when he or she enters the information system through a web browser program executed on any of the workstations 201-203, as illustrated in fig 2.
  • the purpose of the personal workarea is to automatically keep record of all digital data entities that each individual user is expected to receive, and furthermore such digital data entities that the individual user is expected to process and. actively authorize, before the digital data entity is published further down the hierarchical subtree structure.
  • the user "semitopp" has two digital data entities, namely "qweqw" and "Annual meeting", to read or process.
  • all screen pages have a static portion, comprising a "Home” option, a "Bookmarks” option, a “Search the archive” option, a “Create document” option, an "Administration” option and a “Help” option.
  • the “Home” option brings the user back to the starting page in the information system, which is represented by the personal workarea page of fig. 2.
  • the “Bookmarks” option is part of the personal workarea and al- lows the user to save and keep, for future use, such information, which is believed to be of importance and/or has not been read or processed yet.
  • the "Bookmarks” functionality is part of the personal workarea module 350.
  • a document publishing module 340 is part of the information system according to the preferred embodiment. This module provides an easy-to-use step-by-step procedure for adding and categorizing new information, i.e. new digital data entities 401-406, to the database 400, so as to publish the information contained in the digital data entities to different users depending on their individual authority profiles.
  • the digital data entities 401-406 are preferably added to the database 400 by creating an empty document 401-403 and providing it with digital information, such as a document title, a message text, and/or an attachment 404-406 such as a text file, a computer executable file, a graphical image file, a moving pictures file, an acoustical sound file, etc.
  • the pub- lishing user When creating the digital document 401-403, the pub- lishing user will define a set of recipient parameters, such as access level restriction, geographical location, organizational position, business unit, product type, personal competence, etc.
  • the document publishing module 340 will then automatically call the access control module 320 and request a list of recipients of the created digital document.
  • the access control module 320 uses the recipient parameters specified by the user to search in the authority profile database 310 for all such users, the authority profiles of which match the specified recipient parameters. Hence, the publishing user will not have to bother with finding out all appropriate recipients of the digital document.
  • all appropriate recipients of the digital document 401-403 and the digital data entities 401- 406 forming said digital document will be automatically determined by the document publishing module 340 in cooperation with the access control module 320.
  • the user may modify the recipient list before actually publishing the created digital document .
  • a user 510 selects the docu- ment publishing module 340 by clicking on the "Create document” option described above.
  • the selection of this option will call a " create . cgi " program in the document publishing module 340, wherein the user will be presented with a "Create Document” page, as shown in fig. 3.
  • the user may select a type of document among a list of predefined document templates shown in a scroll list to the left in fig 3.
  • the " create . cgi " program will then present the user with a page as shown in fig. 4.
  • the published digital document will first only reach the other users 511-512 belonging to the node 504. Only when a user of that node has approved to publish the digital document further (possibly after additional modification of the document) to the subtree of node 504 (i.e. the nodes 506-509), the digital document will be distributed further to these subnodes and the respective users belonging thereto.
  • the publishing user 510 may also select whether the recipients of the digital document shall be notified.
  • the " create . cgi " program presents a set of recipient parameter lists, labeled "Systems", “Models”, and “Locations” in fig. 4, the first of which represents a list of business units, the second of which represents a list of product types and the third of which represents a list of geographical loca- tions.
  • the publishing user 510 may select an access level parameter with the implication that the recipients will only be selected among such user, the authority profiles of which comprise an access level parameter, which is at least equal to the access level selected on the page shown in fig. 4.
  • the result of the search is returned to the " recip_details . cgi " program, which will present the result on a "Recipient Details" page shown in fig. 5.
  • the publishing user may choose, at his own discretion, to delete recipients and/or add recipients from/to the recipient list assembled by the access control module 320. Such additional recipients may only be selected among users in the same subtree structure (see fig. 14) . Naturally, the user may choose not to modify the recipient list at all.
  • the publishing user may provide the document 401 with a document title, a message text or an attachment 404-406, as described above. If the user so desires, he may enter a preview mode by clicking the corresponding button in fig. 6. Otherwise, the user will click an "Update” button, wherein the " edi t_doc . cgi " program will present a "Publish Document” page to the user, as shown in fig 7.
  • the user is given another opportunity to recon- sider his choice of recipients and to modify this list, if necessary. He may also modify the document logic parameters selected in fig. 4.
  • the user may publish the document by clicking the corresponding button in fig. 7.
  • the digital document 401 thus created will be stored in the database 400. From that moment, the digital document will be accessible to all users that are present in the recipient list described above.
  • the personal workarea module 350 will call the access control module 320 to search in the database 400 for documents or digital data entities addressed to him/her.
  • the recently created digital document 401 will be available to such a user.
  • Each node 501-509 in the hierarchical structure 500 shown in fig. 14 has one user, which is designated as ad- ministrator of that node.
  • administrators are represented by a triangle, while "normal" users are represented by a square box.
  • the administrator status is indicated by a separate parameter in the administrator's authority profile.
  • a certain value of the access level parameter in the authority profile of a certain user may indicate that the user in question has an administrator status in the subtree starting from the node, to which the user belongs.
  • user 512 is designated as administrator of his/her node 504 and the subtree starting from that node, i.e. nodes 506-509.
  • the user may select the "Administration" option in the rightmost portion of any screen page.
  • the program " admin . cgi " in the administration module 330 will be called, and a screen page according to fig. 8 will be presented to the administrator.
  • the administrator may choose among a "User administration” option and a "Statistics” option.
  • the "User administration” option is handled by a
  • user admin . cgi program, which brings forward a screen page according to fig. 9.
  • the user may choose to add a new user to his/her node, to modify the information about any available user, to add a new child node to the subtree originating from his/her node, to modify the information of any node in the subtree, to change the administrator of the node in question or to move any node(s) from one position in the subtree to another.
  • the first option in- volves creating a new authority profile and setting an ac- cess level parameter as well as additional parameters (cf . the description above for the authority profile database 310) .
  • the access level of such a new authority profile may be set equal to or greater (more restricted) than the access level of the administrator.
  • the second option is illustrated in fig. 10, wherein a " user_ list . cgi " program has been called. This program presents a list of all users belonging to the administrator's own node as well as all subnodes in the subtree originating from that node.
  • the third option allows the administrator to add a new subnode to the subtree originating from the node, to which the administrator belongs.
  • the fourth option allows the administrator to modify information related to the node in question.
  • the fifth option implies assigning the admin- istrator status to another user and simultaneously resigning from his/her own administrator status.
  • the last option provides an opportunity for the administrator to move any subnode or set of subnodes in the subtree originating from the administrator's node to another position within that subtree.
  • the administrator may easily modify the subtree structure in his/her part of the organization to reflect e.g. a new organizational structure. All changes that are made to the hierarchical structure 500 shown in fig. 14 immediately affect the accessibility of the digital data entities 401-406 in the database 400 for all users that are involved in such a change.
  • a statistics module 360 provides statistical information about the rate of reception of any digital data entities addressed to a certain part of the organization.
  • the statistics module 360 is only available to users with an access level exceeding a predetermined threshold value and/or having administrator status.
  • the statistics module is available to users that have administrator status.
  • the administrator may se- lect the "Statistics" option in fig. 8, wherein a "pre_stat . cgi " program will be called to present a "Show Document Statistics" page shown in fig. 12.
  • the user may select various document recipient parameters in scroll lists. For instance, the user may select a particular document type, a particular product type, a particular geographical location, a particular organizational position or a particular access level.
  • the user may restrict the statistics selection to a particular time span or to documents comprising a cer- tain set of keywords .
  • the user will click a "Show statistics" button, wherein a "stat.cgi” program will be called to present a "Statistics" screen page shown in fig. 13.
  • this page provides information about the number of users that have received each document and that have actually read each document, respectively.
  • the information system also has a "Search the archive” option, which is handled by a " search . cgi " program and is operated from a “Search the Archive” screen page shown in fig. 11.
  • This search is handled by a document search module 370, which will allow the user to specify certain document parameters, such as document type, product type, time span, keyword, etc. and then click a "Search” button.
  • the document search module 370, and the " search . cgi " program will call the access control module 320 and request a list of all documents that match the selection criteria and are available to the particular user, i.e. such documents which are sent to recipients in the subtree of the organization, to which the user belongs .
  • All digital documents 401-403 created and stored in the database 400 are assigned a unique document ID. Each document maintains its document ID irrespective of whether the document has been modified by subordinate nodes.
  • the information system provides an opportunity for a cer- tain part of the organization to remove a chain of digital documents originating from a certain initial document, since all the documents in that chain are linked together by the document ID.
  • the information system may also comprise at least one additional program module, which provides additional functionality for users in the organization. In fig. 1 such additional functionality is illustrated by a shop module 380 for performing internet-type shopping within the organization. The accessibility for each user to this/these additional module (s) 380 is controlled by the respective authority profile in the authority profile database 310.
  • the information system is provided with a firewall 600 and a replicated database 700, which is op- eratively located "outside" the rest of the information system, i.e. the web server 100, the program modules 300 and the database 400. Selected portions of the contents of the database 400 and the various program modules 300 are continuously replicated to the database 700, which may be accessed by external workstations 801-803, from which users external to the organization may access a restricted version of the information contents and functionality of the information system, without jeopardizing any chosen level of information security. In fig. 14 such external users be- long to a node 509 and have an access level of 4.
  • the differentiation between external and. internal users i.e. the firewall 600
  • the firewall 600 is set so that users with an access level of 3 or less belong to the internal portion of the hierarchical user structure 500, while an access level of at least 4 is given to external users.
  • the location of the firewall 600 within the structure 500 may be changed at any time by administrators at the uppermost level (access level 1) of the structure 500.
  • the system according to the preferred embodiment is set up so that external nodes do not have an administrator of their own. Instead, the external node 509 of fig. 14 is remotely administered by the administrator of the superior node, i.e. node 508 of fig. 14.

Abstract

A computerized information system has at least one server (100) and a plurality of workstations (201-203) operatively connected to said server. The server is arranged to provide access for users (510-512) of said work stations to digital data entities (401-406) stored in a storage device (400). The system has means (310) for maintaining an authority profile assigned to each user, wherein the authority profile comprises an access level parameter and at least one of a geographical location parameter, an organizational position parameter, a product type parameter, a business unit parameter or a personal competence parameter and wherein the authority profile relates the user to a node (501-509) in a hierarchical structure (500). The system also has means (320) for controlling each user's accessibility to the digital data entities (401-406) in dependence of the authority profile. Additionally, the system has means (330) for allowing a user (512), the authority profile of which comprises a designation of said user as administrator of a particular node (504), to dynamically modify, create or delete authority profiles for users related to nodes (504, 506-509) in the hierarchical structure subordinate or identical to said particular node (504).

Description

A COMPUTERIZED INFORMATION SYSTEM
TECHNICAL FIELD The present invention relates to a computerized information system, comprising at least one server and a plurality of workstations operatively connected to said server, the server being arranged to provide access for users of said workstations to digital data entities stored in a storage device .
DESCRIPTION OF THE PRIOR ART
Computerized information systems as set out above are commonly used for distributing and sharing information among a plurality of persons belonging to e.g. a business organization. At least one server computer is connected to a database for storing a large quantity of information, and the users are provided access to the information from workstation computers operatively connected to the server com- puter by a local area network (LAN) and/or a wide area network (WAN) . The information system may be e.g. an electronic mail system, an in-house intranet-based information system, etc.
A rapidly growing organization is faced with various problems and difficulties. One major problem is how to maintain a sufficient level of internal communication. Such internal communication is of great importance for various reasons . For instance, it is important for the entire organization to be continuously updated on "who is respon- sible for what". Furthermore, it is often necessary to be able to distribute expert knowledge, which is available in one part of the organization, to other parts of the organization.
An inherent drawback of a large and growing organiza- tion is the substantial difficulties for a sender or publisher of a particular piece of information to select the proper recipients of the information, i.e. the problem of distinguishing between people that should receive the information and people, to which the particular information is of little or no interest. In reality, it is more or less impossible for any individual in an organization to precisely know the position, job tasks and preferences of all other members of the organization, including members belonging to sister companies and subsidiary companies. Consequently, as a precautionary measure, the exchange of in- formation in a large and growing organization is unnecessarily large, since the sender or publisher will often have to include all potential recipients, including those that might be proper recipients of the piece of information in question.
SUMMARY OF THE INVENTION It is an object of the present invention to provide a computerized information system, where the problems and difficulties above are solved or avoided. More specifi- cally, it is an object of the present invention to provide a large number of users in an organization with fully customized and personal information in dependence of personal expertise, competence, geographical location or organizational position. A further object is to provide dynamic support for a rapidly growing organization, so that new members, departments or subsidiaries may be added to the information system and given instant access to the correct pieces of information. The objects above are achieved by providing the information system with means for maintaining an authority profile assigned to each user, said authority profile comprising an access level parameter and at least one of a geographical location parameter, an organizational position parameter, a product type parameter, a business unit para- meter or a personal competence parameter, and said authority profile relating the user to a node in a hierarchical structure; means for controlling each user's accessibility to said digital data entities in dependence of said author- ity profile; and means for allowing a user, the authority profile of which comprises a designation of said user as administrator of a particular node, to dynamically modify, create or delete authority profiles for users related to nodes in the hierarchical structure subordinate or identi- cal to said particular node.
Other objects, advantages and features of the present invention appear from the following detailed disclosure, from the appended drawings as well as from the patent claims .
BRIEF DESCRIPTION OF THE DRAWINGS A preferred embodiment of the computerized information system according to the present invention will now be described in more detail, reference being made to the accompanying drawings, in which:
Fig. 1 is a general schematic diagram of the architecture of the information system,
Figs. 2 - 13 are computer monitor printouts illustrating some major functions of the information system and Fig. 14 is a schematic block diagram of a hierarchical authority profile structure.
DETAILED DISCLOSURE
Fig. 1 illustrates the computerized information sys- tern according to the preferred embodiment of the invention. The information system comprises a server computer 100, which will simply be referred to as "server" in the forthcoming. The server 100 is provided with a Microsoft* NT operating system and a Microsoft* SQL Server software pack- age. The server 100 is arranged to operate as a "web server" to provide web-based information services to a plurality of workstation computers 201-203, which are operatively connected, according to the TCP/IP protocol, to the server 100 in an "extranet" structure. Preferably, the workstation computers 201-203 (referred to as
"workstations" below) are personal computers, such as desktop computers, laptop computers or hand-held computers, which run any conventional operating system, such as Windows* 95, Windows* 98, Windows* 3.x, Apple* System x, UNIX* or Windows* NT. Additionally, the workstations 201- 203 are provided with a web browser software, such as Netscape* Navigator or Microsoft* Internet Explorer. However, the server 100 and the workstations 201-203 may be computers of any other kind than the ones mentioned above, which fulfill the functionality specifications below.
Furthermore, the way in which the workstations 201-203 are connected to the server 100 may be any known local area network (LAN) or wide area network (WAN) technology.
The server 100 is provided with a plurality of soft- ware program modules 300 in the form of CGI -programs
("Common Gateway Interface"), which are written in e.g. Java* and are executable on the server 100. The purpose of the program modules 300, which will be described in more detail below, is to realize the information services func- tionality of the inventive information system by producing dynamic HTML ("Hypertext Markup Language") pages to be presented .by the web browsers on the workstations 201-203. Furthermore, the information system comprises an authority profile database 310 and an access control module 320, the purpose of which will appear from the following. The information system is also provided with a main database 400 for storing a plurality of digital data entities, such as digital documents, representing information contained in the information system. Additionally, the information system comprises a firewall 600 and a replicated database 700.
Each of the program modules 300 will be given a detailed functional disclosure below. The authority profile database 310 and the access control module 320 form the basis of the information system and enable a distributed and growing organization to overcome the problems described above. The system is arranged to operate according to the principle that all information is locally known and should be managed locally rather than having a single central administrator, which would have to keep track of all members of the organization as well as their responsibilities and job tasks. By means of a decentralized administration tool in the form of an administration module 330, all parts of the organization may build an authority structure in the form of a set of authority profile records in the authority profile database 310. The administration module 330 will be further described below with reference to figs. 8-10.
Each user is assigned an authority profile, which comprises an access level parameter and at least one of a geographical location parameter, an organizational position parameter, a product type parameter, a business unit parameter or a personal competence parameter. These authority profiles are used by the access control module 320 for de- ciding whether and to what degree an individual user should have access to a particular piece of information in the form of a digital data entity 401-406 stored in the database 400.
The authority profile database 310, the access con- trol module 320 and the administration module 330 give any part of the organization an opportunity to build hierarchical tree structures and send lists, where the accessibility for all individual users belonging to that part of the organization to a particular digital data entity 401-406 is carefully controlled by the authority profile record assigned to the individual user. As previously mentioned, the authority profiles of all users are related to a respective node 501-509 in a hierarchical structure 500, which is schematically illustrated in fig. 14. All users of a particular node have the same access level, as indicated in fig. 14.
Furthermore, the access control module 320 is arranged to check whether a particular digital data entity 401-406 should be immediately available, once published by e.g. a user 510 belonging to e.g. a node 504, to all users belonging to the subtree originating from the node 504, (i.e., users 511-512 as well as nodes 506-509 with their respective users) , or whether a subordinate node in the subtree must authorize the publication of the particular digital data entity 401-406, before it is published further to respective subordinate nodes in the subtree structure.
The information system comprises a personal workarea module 350, which is arranged to provide each user with an interactive and automatic "to-do list". This workarea is presented to the user, when he or she enters the information system through a web browser program executed on any of the workstations 201-203, as illustrated in fig 2. The purpose of the personal workarea is to automatically keep record of all digital data entities that each individual user is expected to receive, and furthermore such digital data entities that the individual user is expected to process and. actively authorize, before the digital data entity is published further down the hierarchical subtree structure. In the exemplary workarea of fig 2, the user "semitopp" has two digital data entities, namely "qweqw" and "Annual meeting", to read or process.
As shown to the right in figs. 2-13, all screen pages have a static portion, comprising a "Home" option, a "Bookmarks" option, a "Search the archive" option, a "Create document" option, an "Administration" option and a "Help" option. The "Home" option brings the user back to the starting page in the information system, which is represented by the personal workarea page of fig. 2. The "Bookmarks" option is part of the personal workarea and al- lows the user to save and keep, for future use, such information, which is believed to be of importance and/or has not been read or processed yet. The "Bookmarks" functionality is part of the personal workarea module 350.
The "Search the archive", "Create document" and "Administration" options are further described later, while the "Help" option brings the user to an on-line help function, which is part of the information system and operates in a manner known per se for assisting the user in his/her daily use of the information system. A document publishing module 340 is part of the information system according to the preferred embodiment. This module provides an easy-to-use step-by-step procedure for adding and categorizing new information, i.e. new digital data entities 401-406, to the database 400, so as to publish the information contained in the digital data entities to different users depending on their individual authority profiles. The digital data entities 401-406 are preferably added to the database 400 by creating an empty document 401-403 and providing it with digital information, such as a document title, a message text, and/or an attachment 404-406 such as a text file, a computer executable file, a graphical image file, a moving pictures file, an acoustical sound file, etc.
When creating the digital document 401-403, the pub- lishing user will define a set of recipient parameters, such as access level restriction, geographical location, organizational position, business unit, product type, personal competence, etc. The document publishing module 340 will then automatically call the access control module 320 and request a list of recipients of the created digital document. The access control module 320 uses the recipient parameters specified by the user to search in the authority profile database 310 for all such users, the authority profiles of which match the specified recipient parameters. Hence, the publishing user will not have to bother with finding out all appropriate recipients of the digital document. On the contrary, all appropriate recipients of the digital document 401-403 and the digital data entities 401- 406 forming said digital document, will be automatically determined by the document publishing module 340 in cooperation with the access control module 320. However, once the system has proposed a list of recipients based upon the selected recipient parameters, the user may modify the recipient list before actually publishing the created digital document .
The stepwise usage of the document publishing module 340 for creating a digital document 401 will now be exemplified by reference to a set of computer monitor printouts in figs. 3-7. First, a user 510 (fig. 14) selects the docu- ment publishing module 340 by clicking on the "Create document" option described above. The selection of this option will call a " create . cgi " program in the document publishing module 340, wherein the user will be presented with a "Create Document" page, as shown in fig. 3. The user may select a type of document among a list of predefined document templates shown in a scroll list to the left in fig 3. After having, selected a type of document, the user clicks on the "Next" button located immediately below the scroll list. The " create . cgi " program will then present the user with a page as shown in fig. 4. Here, the user may select whether all respective subnodes in the hierarchical user structure 500 of fig. 14 will have to authorize a further publishing of the digital document to subordinate subnodes. If the user selects this option (by clicking the "Yes" but- ton) , the digital document 401 will not be immediately distributed among the entire subtree structure starting from the node 504, to which the publishing user 510 belongs. On the contrary, assuming that the publishing user 510 belongs to the node 504 of fig. 14, the published digital document will first only reach the other users 511-512 belonging to the node 504. Only when a user of that node has approved to publish the digital document further (possibly after additional modification of the document) to the subtree of node 504 (i.e. the nodes 506-509), the digital document will be distributed further to these subnodes and the respective users belonging thereto.
The publishing user 510 may also select whether the recipients of the digital document shall be notified. The " create . cgi " program presents a set of recipient parameter lists, labeled "Systems", "Models", and "Locations" in fig. 4, the first of which represents a list of business units, the second of which represents a list of product types and the third of which represents a list of geographical loca- tions. Additionally, the publishing user 510 may select an access level parameter with the implication that the recipients will only be selected among such user, the authority profiles of which comprise an access level parameter, which is at least equal to the access level selected on the page shown in fig. 4.
After having selected all appropriate parameters in fig. 4, the user clicks on a "Next" button not shown in fig. 4, wherein a " recip_de tails . cgi " program will be called in the document publishing module 340. This program will in turn call the access control module 320, which searches the authority profile database 310 for all such authority profile records, which match the selected recipient parameters.
The result of the search is returned to the " recip_details . cgi " program, which will present the result on a "Recipient Details" page shown in fig. 5. As shown in fig 5, the publishing user may choose, at his own discretion, to delete recipients and/or add recipients from/to the recipient list assembled by the access control module 320. Such additional recipients may only be selected among users in the same subtree structure (see fig. 14) . Naturally, the user may choose not to modify the recipient list at all. Once finished with the page shown in fig. 5, the user clicks on the "Next" button and is then presented with an "Edit Document" page shown in fig. 6, created by an
" edi t_doc . cgi " program. Here, the publishing user may provide the document 401 with a document title, a message text or an attachment 404-406, as described above. If the user so desires, he may enter a preview mode by clicking the corresponding button in fig. 6. Otherwise, the user will click an "Update" button, wherein the " edi t_doc . cgi " program will present a "Publish Document" page to the user, as shown in fig 7.
Here, the user is given another opportunity to recon- sider his choice of recipients and to modify this list, if necessary. He may also modify the document logic parameters selected in fig. 4. Once satisfied with the contents and structure of the digital document, the user may publish the document by clicking the corresponding button in fig. 7. The digital document 401 thus created will be stored in the database 400. From that moment, the digital document will be accessible to all users that are present in the recipient list described above. Hence, once a user among said recipients enters his personal workarea, the personal workarea module 350 will call the access control module 320 to search in the database 400 for documents or digital data entities addressed to him/her. Among other documents, the recently created digital document 401 will be available to such a user. -_-_
The functionality and usage of the administration module 330 will now be described with reference to figs. 8-10. Each node 501-509 in the hierarchical structure 500 shown in fig. 14 has one user, which is designated as ad- ministrator of that node. In fig. 14 administrators are represented by a triangle, while "normal" users are represented by a square box. Preferably, the administrator status is indicated by a separate parameter in the administrator's authority profile. Alternatively, a certain value of the access level parameter in the authority profile of a certain user may indicate that the user in question has an administrator status in the subtree starting from the node, to which the user belongs. For instance, it may be assumed in the hierarchical structure 500 in fig. 14 that user 512 is designated as administrator of his/her node 504 and the subtree starting from that node, i.e. nodes 506-509.
Provided that the user has administrator status, he/she may select the "Administration" option in the rightmost portion of any screen page. By doing so, the program " admin . cgi " in the administration module 330 will be called, and a screen page according to fig. 8 will be presented to the administrator. As shown in fig. 8, the administrator may choose among a "User administration" option and a "Statistics" option. The "User administration" option is handled by a
" user admin . cgi " program, which brings forward a screen page according to fig. 9. Here, the user may choose to add a new user to his/her node, to modify the information about any available user, to add a new child node to the subtree originating from his/her node, to modify the information of any node in the subtree, to change the administrator of the node in question or to move any node(s) from one position in the subtree to another.
In the preferred embodiment, the first option in- volves creating a new authority profile and setting an ac- cess level parameter as well as additional parameters (cf . the description above for the authority profile database 310) . The access level of such a new authority profile may be set equal to or greater (more restricted) than the access level of the administrator. The second option is illustrated in fig. 10, wherein a " user_ list . cgi " program has been called. This program presents a list of all users belonging to the administrator's own node as well as all subnodes in the subtree originating from that node. The third option allows the administrator to add a new subnode to the subtree originating from the node, to which the administrator belongs. The fourth option allows the administrator to modify information related to the node in question. The fifth option implies assigning the admin- istrator status to another user and simultaneously resigning from his/her own administrator status. The last option, finally, provides an opportunity for the administrator to move any subnode or set of subnodes in the subtree originating from the administrator's node to another position within that subtree. Hence, the administrator may easily modify the subtree structure in his/her part of the organization to reflect e.g. a new organizational structure. All changes that are made to the hierarchical structure 500 shown in fig. 14 immediately affect the accessibility of the digital data entities 401-406 in the database 400 for all users that are involved in such a change.
A statistics module 360 provides statistical information about the rate of reception of any digital data entities addressed to a certain part of the organization. The statistics module 360 is only available to users with an access level exceeding a predetermined threshold value and/or having administrator status. In the preferred embodiment, the statistics module is available to users that have administrator status. Hence, the administrator may se- lect the "Statistics" option in fig. 8, wherein a "pre_stat . cgi " program will be called to present a "Show Document Statistics" page shown in fig. 12. As shown in fig. 12, the user may select various document recipient parameters in scroll lists. For instance, the user may select a particular document type, a particular product type, a particular geographical location, a particular organizational position or a particular access level. Furthermore, the user may restrict the statistics selection to a particular time span or to documents comprising a cer- tain set of keywords . After having completed the form shown in fig. 12, the user will click a "Show statistics" button, wherein a "stat.cgi" program will be called to present a "Statistics" screen page shown in fig. 13. As shown in fig. 13, this page provides information about the number of users that have received each document and that have actually read each document, respectively.
As previously mentioned, the information system also has a "Search the archive" option, which is handled by a " search . cgi " program and is operated from a "Search the Archive" screen page shown in fig. 11. This search is handled by a document search module 370, which will allow the user to specify certain document parameters, such as document type, product type, time span, keyword, etc. and then click a "Search" button. The document search module 370, and the " search . cgi " program, will call the access control module 320 and request a list of all documents that match the selection criteria and are available to the particular user, i.e. such documents which are sent to recipients in the subtree of the organization, to which the user belongs .
All digital documents 401-403 created and stored in the database 400 are assigned a unique document ID. Each document maintains its document ID irrespective of whether the document has been modified by subordinate nodes. Hence, the information system provides an opportunity for a cer- tain part of the organization to remove a chain of digital documents originating from a certain initial document, since all the documents in that chain are linked together by the document ID. The information system may also comprise at least one additional program module, which provides additional functionality for users in the organization. In fig. 1 such additional functionality is illustrated by a shop module 380 for performing internet-type shopping within the organization. The accessibility for each user to this/these additional module (s) 380 is controlled by the respective authority profile in the authority profile database 310.
Furthermore, the information system is provided with a firewall 600 and a replicated database 700, which is op- eratively located "outside" the rest of the information system, i.e. the web server 100, the program modules 300 and the database 400. Selected portions of the contents of the database 400 and the various program modules 300 are continuously replicated to the database 700, which may be accessed by external workstations 801-803, from which users external to the organization may access a restricted version of the information contents and functionality of the information system, without jeopardizing any chosen level of information security. In fig. 14 such external users be- long to a node 509 and have an access level of 4.
In the example of fig. 14 the differentiation between external and. internal users, i.e. the firewall 600, is set so that users with an access level of 3 or less belong to the internal portion of the hierarchical user structure 500, while an access level of at least 4 is given to external users. The location of the firewall 600 within the structure 500 may be changed at any time by administrators at the uppermost level (access level 1) of the structure 500. Furthermore, the system according to the preferred embodiment is set up so that external nodes do not have an administrator of their own. Instead, the external node 509 of fig. 14 is remotely administered by the administrator of the superior node, i.e. node 508 of fig. 14.
The present invention has been described above with reference to a preferred embodiment. However, this disclosure has exemplifying but not limiting purposes. Therefore, the present invention shall only be limited by the scope of the appended patent claims. Other embodiments not specifically disclosed herein are equally possible within the scope of the invention.

Claims

1. A computerized information system, comprising at least one server (100) and a plurality of workstations (201-203) operatively connected to said server, the server being arranged to provide access for users (510-512) of said workstations to digital data entities (401-406) stored in a storage device (400) , c h a r a c t e r i z e d by means (310) for maintaining an authority profile assigned to each user (510-512) , said authority profile comprising an access level parameter and at least one of a geographical location parameter, an organizational position parameter, a product type parameter, a business unit parameter or a personal competence parameter, and said author- ity profile relating the user to a node (501-509) in a hierarchical structure (500) ; means (320) for controlling each user's accessibility to said digital data entities (401-406) in dependence of said authority profile; and means (330) for allowing a user (512), the authority profile of which comprises a designation of said user as administrator of a particular node (504), to dynamically modify, create or delete authority profiles for users related to nodes (504, 506-509) in the hierarchical structure subordinate or identical to said particular node (504) .
2. An information system as in claim 1, further comprising document publishing means (340) for adding digital data entities (401-406) to said storage device (400) and having functions for: a) allowing a publishing user (510) at a workstation (201-203) to create an empty digital document (401-403) ; b) allowing the publishing user to select at least one parameter from any of a list of access level restric- tions, a list of geographical locations, a list of organ- izational positions, a list of business units, a list of product types, or a list of personal competences; c) assembling a list of recipients of the document among users, the authority profiles of which match said selected parameter; d) allowing the publishing user to provide the document with at least one digital data entity (401-406) in the form of a document title, a message text, or an attachment such as a text file, a computer executable file, a graphi- cal image file, a moving pictures file, an acoustical sound file, etc; and e) allowing the publishing user to store the document in said storage device .
3. An information system as in claim 2, wherein function c) is arranged to only select recipients among users, which are related to nodes (504, 506-509) in the hierarchical structure (500) subordinate or identical to the node (504) related to the publishing user (510) .
4. An information system as in claim 2 or 3 , further comprising a function for c') allowing the publishing user (510) to delete recipients from and/or add recipients to the list assembled by function c) .
5. An information system according to any of claims 2-4, further comprising means (370) for searching among digital documents (401-403) stored in said storage device (400) .
6. An information system according to any preceding claim, further comprising a firewall (600) and a second storage device (700), said second storage device being operatively located on the opposite side of the firewall as compared to said first storage device (400) and being arranged to contain a replicated version of at least a portion of the contents of the first storage device.
7. An information system according to any preceding claim, wherein said digital data entities (401-406) constitute digital text information, computer executable files, graphical image files, moving pictures files or acoustical sound files, or any combination thereof.
8. An information system according to any preceding claim, wherein said workstations (201-203) are operatively connected to said server (100) according to the TCP/IP protocol .
9. An information system according to any preceding claim, further comprising means (330) for allowing a user (512) designated as administrator of a particular node (504) to modify, create or delete nodes (504, 506-509) in the hierarchical structure (500) subordinate or identical to said particular node.
PCT/SE1999/001431 1998-08-25 1999-08-24 Authority profiles in a hierarchical computerized information system WO2000011583A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU57682/99A AU5768299A (en) 1998-08-25 1999-08-24 A computerized information system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
SE9802846-7 1998-08-25
SE9802846A SE9802846L (en) 1998-08-25 1998-08-25 Computerized information system

Publications (2)

Publication Number Publication Date
WO2000011583A2 true WO2000011583A2 (en) 2000-03-02
WO2000011583A3 WO2000011583A3 (en) 2000-06-02

Family

ID=20412355

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SE1999/001431 WO2000011583A2 (en) 1998-08-25 1999-08-24 Authority profiles in a hierarchical computerized information system

Country Status (3)

Country Link
AU (1) AU5768299A (en)
SE (1) SE9802846L (en)
WO (1) WO2000011583A2 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2383438A (en) * 2001-12-20 2003-06-25 Inventec Corp Authorisation method and system for storing and retrieving data
WO2018143683A1 (en) 2017-02-02 2018-08-09 Hp Printing Korea Co., Ltd. Providing service according to user authority
US11803634B2 (en) 2021-02-25 2023-10-31 International Business Machines Corporation Secure preconfigured profile for role-based access control setup

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0697662A1 (en) * 1994-08-15 1996-02-21 International Business Machines Corporation Method and system for advanced role-based access control in distributed and centralized computer systems
WO1998001807A1 (en) * 1996-07-03 1998-01-15 Polydoc N.V. Document producing support system
US5748890A (en) * 1996-12-23 1998-05-05 U S West, Inc. Method and system for authenticating and auditing access by a user to non-natively secured applications
US5752242A (en) * 1996-04-18 1998-05-12 Electronic Data Systems Corporation System and method for automated retrieval of information
US5881225A (en) * 1997-04-14 1999-03-09 Araxsys, Inc. Security monitor for controlling functional access to a computer system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0697662A1 (en) * 1994-08-15 1996-02-21 International Business Machines Corporation Method and system for advanced role-based access control in distributed and centralized computer systems
US5752242A (en) * 1996-04-18 1998-05-12 Electronic Data Systems Corporation System and method for automated retrieval of information
WO1998001807A1 (en) * 1996-07-03 1998-01-15 Polydoc N.V. Document producing support system
US5748890A (en) * 1996-12-23 1998-05-05 U S West, Inc. Method and system for authenticating and auditing access by a user to non-natively secured applications
US5881225A (en) * 1997-04-14 1999-03-09 Araxsys, Inc. Security monitor for controlling functional access to a computer system

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2383438A (en) * 2001-12-20 2003-06-25 Inventec Corp Authorisation method and system for storing and retrieving data
GB2383438B (en) * 2001-12-20 2005-07-20 Inventec Corp Authorization method and system for storing and retrieving data
WO2018143683A1 (en) 2017-02-02 2018-08-09 Hp Printing Korea Co., Ltd. Providing service according to user authority
CN109804599A (en) * 2017-02-02 2019-05-24 惠普打印机韩国有限公司 Service is provided according to user right
EP3476081A4 (en) * 2017-02-02 2020-01-01 Hewlett-Packard Development Company, L.P. Providing service according to user authority
US11012321B2 (en) 2017-02-02 2021-05-18 Hewlett-Packard Development Company, L.P. Providing service according to user authority
US11803634B2 (en) 2021-02-25 2023-10-31 International Business Machines Corporation Secure preconfigured profile for role-based access control setup

Also Published As

Publication number Publication date
SE9802846D0 (en) 1998-08-25
SE9802846L (en) 2000-02-26
AU5768299A (en) 2000-03-14
WO2000011583A3 (en) 2000-06-02

Similar Documents

Publication Publication Date Title
US6990629B1 (en) Publishing system for intranet
US7039860B1 (en) Creating web pages category list prior to the list being served to a browser
US6247032B1 (en) Automated system and method for approving web site content
US6308188B1 (en) System and method for building a web site with automated workflow
US6745238B1 (en) Self service system for web site publishing
US5930801A (en) Shared-data environment in which each file has independent security properties
US6026433A (en) Method of creating and editing a web site in a client-server environment using customizable web site templates
US7127670B2 (en) Document management systems and methods
US6219680B1 (en) System and method for building a web site for use in E-commerce with user specific pricing
US7117271B2 (en) Web server enabling direct scheduling and calendaring capability
US7404141B1 (en) System for creating and maintaining a website
US20130174229A1 (en) Web-Based Collaborative Framework
US20050246216A1 (en) Systems and methods for managing information at various levels
US20140172822A1 (en) System and method for distributing and creating presentations
WO2000057321A2 (en) Story workflow management system and method
WO2005114465A2 (en) Method of and system for collaboration web-based publishing
WO2001022310A1 (en) Interactive personal information system and method
US7035838B2 (en) Methods and systems for organizing information stored within a computer network-based system
US20070294370A1 (en) Scheduling and information sharing and distribution system and method
CA2356846A1 (en) Generalized multi-interfaced extensible content management and delivery system, and on-line calendar
US7788486B2 (en) System and method for distributing and creating presentations
US20030074370A1 (en) System and method for object based delivery of on-line courses and content
WO2000011583A2 (en) Authority profiles in a hierarchical computerized information system
WO2006079052A2 (en) A system and method for creating and administering web content
Dalton Does anybody have a map? Accessing information in the Internet's virtual library

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW SD SL SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
AK Designated states

Kind code of ref document: A3

Designated state(s): AE AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW SD SL SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase